Jump to content

Amigo-A

Visiting Expert
  • Posts

    2436
  • Joined

  • Last visited

  • Days Won

    61

Everything posted by Amigo-A

  1. Hello @ahmedmahmoud If you think that your files have been attacked, for example, encrypted or blocked, then you need to attach an zip-archive with files to the message. Place 2-3 encrypted (blocked) files and a ransom note in the zip-archive. Usually, when hackers encrypt or lock files, they leave a ransom note where they write their demands, indicate the amount of the ransom. We will try to determine which ransomware attacked your files.
  2. Hello. Decryption is possible only in rare cases. You need to read the guide for this issue, only the first part. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  3. Hello. Decryption is possible only in rare cases. You need to read the guide for this issue, only the first part. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  4. Hello. Decryption is possible only in rare cases. You need to read the guide for this issue, only the first part. https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  5. Hola. Esta es una de las variantes del 'STOP Ransomware'. Lea esta guía. Muchas opciones. Este distribuido utilizando software reenvasado y pirateado. Muy raramente se puede descifrar si alguien compró y entregó la clave a los desarrolladores del Emsisoft Descifrador. No hay otra manera.
  6. If the identifier ends with "t1", then decryption is technically possible in the future, when the Emsisoft Decryptor receives the key for this variant. Sometimes someone buys such a key and voluntarily gives it to the developers of the Emsisoft Decryptor. Then the key will be added to this decryptor. We cannot speed up this process. More info >> It is recommended that every 2 weeks or once a month you download the decryptor again and test the decryptability of the encrypted files. The encrypted files should be moved to an external drive and one folder with the files should be left to be checked. If some other ransomware gets onto your computer, it may re-encrypt the files. Then the chances of decryption will be even less.
  7. The extortionists behind him have been involved in extortion for almost 5,5 years. Until now, the police have not been ordered to neutralize them, so extortionists act arrogantly and with impunity. Maybe another decryption will come up in the future.
  8. Hello If the identifier ends with "t1", then decryption is technically possible in the future, when the Emsisoft Decryptor receives the key for this variant. Sometimes someone buys such a key and voluntarily gives it to the developers of the Emsisoft Decryptor. Then the key will be added to this decryptor. We cannot speed up this process. More info >> It is recommended that every 2 weeks or once a month you download the decryptor again and test the decryptability of the encrypted files. The encrypted files should be moved to an external drive and one folder with the files should be left to be checked. If some other ransomware gets onto your computer, it may re-encrypt the files. Then the chances of decryption will be even less.
  9. Hello If the identifier ends with "t1", then decryption is technically possible in the future, when the Emsisoft Decryptor receives the key for this variant. Sometimes someone buys such a key and voluntarily gives it to the developers of the Emsisoft Decryptor. Then the key will be added to this decryptor. We cannot speed up this process. More info >> It is recommended that every 2 weeks or once a month you download the decryptor again and test the decryptability of the encrypted files. The encrypted files should be moved to an external drive and one folder with the files should be left to be checked. If some other ransomware gets onto your computer, it may re-encrypt the files. Then the chances of decryption will be even less.
  10. Ola @CleitoDias Você precisa usar o Google Tradutor. https://translate.google.com Unfortunately, this is the result of a STOP Ransomware attack. The extortionists behind him have been involved in extortion for almost 5,5 years. Until now, the police have not been ordered to neutralize them, so extortionists act arrogantly and with impunity. The problem is serious and it is impossible to decrypt the files if an online key was used during encryption. You can read more in the article. You need use Google Translator. If your files received two different extensions after encryption, then you were attacked twice. In each case, a different key may be used. If the online key was used twice, then decrypting the files is even more problematic. You can check the ransom notes in each folder and compare the Personal ID.
  11. Hola Carlos! If say correct, then it is an .jhbg extension. At the beginning of the ID there are numbers 0460. Unfortunately, this is the result of a STOP Ransomware attack. The extortionists behind him have been involved in extortion for almost 5,5 years. Until now, the police have not been ordered to neutralize them, so extortionists act arrogantly and with impunity. The problem is serious and it is impossible to decrypt the files if an online key was used during encryption. You can read more in the article. You need use Google Translator.
  12. Hola Federico! Unfortunately, this is the result of a STOP Ransomware attack. The extortionists behind him have been involved in extortion for almost 5,5 years. Until now, the police have not been ordered to neutralize them, so extortionists act arrogantly and with impunity. The problem is serious and it is impossible to decrypt the files if an online key was used during encryption. You can read more in the article. You need use Google Translator. If your files received two different extensions after encryption, then you were attacked twice. In each case, a different key may be used. If the online key was used twice, then decrypting the files is even more problematic. You can check the ransom notes in each folder and compare the Personal ID.
  13. https://www.bleepingcomputer.com/forums/t/771463/ I got your files from the BC forum. In that case, let's continue there.
  14. Hello. Add a few more different encrypted files.
  15. Antivirus software does not decrypt files. To decrypt, you need a decryptor that supports the "Stop Ransomware" variant that has encrypted your files. You can determine whether decryption is possible by using the guide and downloading the Emsisoft Decryptor.
  16. Hello. This tool was made 6 years ago. There is a date. He won't help, if the files were encrypted with a newer ransomware variant.
  17. En el futuro será posible descifrar archivos. Debe transferir todos los archivos cifrados a una unidad externa y desconectarla de su computadora. Deje solo una carpeta con archivos cifrados (copia) en su computadora y periódicamente (una vez cada dos semanas), descargue un nuevo descifrador y verifique la capacidad de descifrar archivos. No podemos acelerar el proceso de descifrado. Alguien tiene que comprar la clave del ransomware y dársela a los desarrolladores para que la agreguen al descifrador.
  18. Hola @josemontele Adjuntar un archivo _readme.txt al mensaje.
  19. Hello. This is not a bug in the program. Thus, the Emsisoft Decryptor reports that it does not yet have a key for the variant that encrypted your files. Check the possibility of decryption every 2 weeks, or every month. Perhaps someone will pass the decryption key to the developers and they will add it to the Decryptor.
  20. Hello. This is the result of a Dharma Ransomware attack. https://id-ransomware.malwarehunterteam.com/identify.php?case=379beffa4885232451a903d572096a0fd48ae96d
  21. Hello. You need to read this guide to understand the problem.
  22. Hello This means that it can be decrypted in the future, when the Emsisoft Decryptor has the decryption key for this variant 'STOP Ransomware'. It depends on the voluntary handover of the key by someone who paid the ransom, or will be possible after the police take over the extortionists server. But the police have not been doing this for 6 years.
  23. Theoretically, yes, there are many unfavorable outcomes, but very few favorable ones. In any case, if the encrypted files are very valuable, then they need to be collected along with the ransom notes and transfer to an external drive or flash drive.
×
×
  • Create New...